tencent cloud

PrevNext

Feedback

search by keyword

Recent Pages

Documentation
Tencent Cloud Organization
    Documentation
    Download PDF

    Examples of Synchronization from Azure AD via SCIM

    Last updated: 2024-11-27 14:46:26
    Download PDF
      This document shows you how to synchronize users or user groups from Azure AD (Azure Active Directory, also known as Microsoft Entra ID) to Tencent Cloud Identity Center by using the SCIM protocol.

      Background

      All configuration operations in Azure AD need to be performed by an administrator (who has been granted global administrator permissions). For information on how to create a user and authorize the user as an administrator in Azure AD, refer to Microsoft Entra Documentation.

      Configuration in the Identity Center

      Step 1: Enabling SCIM Synchronization

      1. Log in to TCO > Identity Center.
      2. In the left navigation bar, click User Management > Settings.
      3. Click
      
      in the SCIM User Synchronization Configuration area and click Enable in the pop-up window to enable SCIM synchronization.
      
      4. After enablement, in the SCIM User Synchronization Configuration area, view or copy the SCIM server address, which will be used when configuring SCIM synchronization in the external IdP.
      Chinese: https://scim.tencentcloudsso.com/scim/v2
      International: https://scim.tencentcloudssointl.com/scim/v2
      

      Step 2: Creating a SCIM Key

      1. Click Generate New SCIM Key in the SCIM User Synchronization Configuration area.
      
      2. In the Create CredentialSecret dialog box, you can save the SCIM key by Download CSV File or Copy. After saving the key, click OK.
      

      Configuration in Azure

      Step 1: Creating an Application in Azure AD

      1. Log in to the Azure portal as an administrator and click the menu icon in the top-left corner.
      
      2. In the left navigation bar, select Microsoft Entra ID.
      
      3. In the left navigation bar, select Manage > Enterprise applications and then go to All applications.
      
      4. Click New application.
      
      5. On the Browse Microsoft Entra Gallery page, click Create your own application, enter the name of your app (such as SCIM intl) in the right window, select Integrate any other application you don't find in the gallery (Non-gallery), and then click Create.
      

      Step 2: Assigning Users or Groups in Azure AD

      1. After creating the application, click Assign users and groups in Getting Started.
      
      2. On the Manage > Users and groups page, click Add user/group.
      
      3. On the Add Assignment page, select users or user groups and click Select.
      
      4. Click Assign. The successfully assigned users/groups will be displayed in the list.
      

      Step 3: Configuring SCIM Synchronization in Azure AD

      1. On the SCIM intl application page, click Provisioning in the left navigation bar.
      
      2. On the Provisioning page, click Get Started.
      
      3. Set the provisioning mode to Automatic. In the Admin Credentials area, configure the admin credentials.
      In the Tenant URL area, enter the SCIM server address.
      Obtain this address from Step 1: Enabling SCIM Synchronization.
      In the Secret Token area, enter the SCIM key.
      Obtain this SCIM key from Step 2: Creating a SCIM Key.
      Click Test Connection.
      After the test is successful, you can proceed with the Next operation.
      
      4. Click Save and the Mappings area will appear. You can use the default configuration or modify the attribute mapping as needed.
      5. Refresh the page and toggle the provisioning on in the Provisioning Status area.
      
      6. Click Save to complete the configuration.
      7. In the Provisioning logs of SCIM intl, you can view the synchronization list.
      

      Result Verification

      1. Log in to TCO > Identity Center.
      2. In the left navigation bar, view the list under User Management > Users/User Groups.
      3. The Source of synchronized users or user groups will be automatically identified as External Import.
      
      
      
      
      
      
      
      
      
      
      
      
      Contact Us

      Contact our sales team or business advisors to help your business.

      Contact Us
      Technical Support

      Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

      Submit a Ticket
      7x24 Phone Support
      Copyright © 2013-2024 Tencent Cloud. All Rights Reserved.
      Privacy PolicyLegalCookie Policy